# PoC Exploit: CSV Injection
# Vulnerable URL: All CSV Export functionalities within the CRM application
# Description: The Siebel CRM application was found to be vulnerable to Excel Macro injection
# in places where user input is allowed (in text form) and the input can then be exported in CSV
# form. An attacker can change user information so that his input includes a malicious Excel function.

=-2+3+cmd|' /C calc'!D

# The function will then be executed on the victim's machine
# once the victim exports the details in CSV format and opens the exported file in Microsoft Excel.

# Impact: The vulnerability doesn't target the web application but rather its users.
# A hypothetical attacker could use it to trick other application users into unwillingly
# executing arbitrary malicious code, potentially leading to a full compromise of their workstation.
# Although Excel has implemented certain features to protect its users
# (the user is asked whether he wants to execute a potentially harmful external script),
# the user could easily assume that the content can be trusted, since the file is
# extracted from a trusted source.